April 15, 2016
FTP, or File Transfer Protocol, is a common method to share files easily and quickly within an organization’s internal network. However, as it relies on usernames and passwords for authentication as well as does not support data encryption, FTP security has always been a major concern for businesses. Files shared over an unsecure FTP session are vulnerable to several hacking attacks such as sniffing, spoofing, brute force attack, port stealing etc.
Given below are some tips to improve the security of your organization’s FTP server:
- Disable Anonymous Access: When you install FTP services on an operating system, it has anonymous access automatically enabled. If you do not disable this option, hackers can easily gain access to your server without requiring an authentic user account. They can also identify any security flaws in your FTP version and exploit them to host illegal files and copyrighted material. Therefore, you must either disable anonymous access or make sure that an unverified user has only read-only privileges in the server.
- Enable Activity Logging: It is critical that you log all activities on your FTP server to record the users and IP addresses that were allowed access. Reviewing this data regularly will help you to assess the network traffic pattern, unusual activity and security breaches.
- Implement Strong Password Policies: Configure the FTP security settings so that it requires the users to set lengthy, strong and complex passwords. It should consist of at least 8 to 10 characters and contain a mix of numbers, uppercase as well as lowercase letters so that it cannot be easily cracked by the hackers. In addition, the server should also compel the users to change the password at regular intervals.
- Set Account Permissions: Depending upon the FTP requirements of your employees, you should restrict the access permissions for each user account. For instance, if an employee‘s job role involves only uploading files, then the permission for downloading or deleting data on the FTP should be removed. You can also create user groups to set common permissions for some specific employees.
- Enable Anti Hacking Features: You can limit the number of hours during which the users can log in to the FTP. For instance, if you use the server in your organization, you should allow access only for the working hours, keeping it safe for the rest of the day. You can also set restrictions on the number of unsuccessful login attempts allowed after which the user will be locked out of the server. This reduces the chances of brute force attacks.
We, at Centex Technologies, provide complete IT security services to the business firms in Central Texas. For more information, feel free to call us at (855) 375 – 9654.